@pyup-bot

This PR updates django-debug-toolbar from 3.1.1 to 3.2.1.

Changelog

3.2.1
------------------

* Fixed SQL Injection vulnerability, CVE-2021-30459. The toolbar now
  calculates a signature on all fields for the SQL select, explain,
  and analyze forms.
* Changed ``djdt.cookie.set()`` to set ``sameSite=Lax`` by default if
  callers do not provide a value.
* Added ``PRETTIFY_SQL`` configuration option to support controlling
  SQL token grouping. By default it's set to True. When set to False,
  a performance improvement can be seen by the SQL panel.
* Fixed issue with toolbar expecting URL paths to start with ``/__debug__/``
  while the documentation indicates it's not required.

3.2
----------------

* Moved CI to GitHub Actions: https://github.com/jazzband/django-debug-toolbar/actions
* Stopped crashing when ``request.GET`` and ``request.POST`` are
  dictionaries instead of ``QueryDict`` instances. This isn't a valid
  use of Django but django-debug-toolbar shouldn't crash anyway.
* Fixed a crash in the history panel when sending a JSON POST request
  with invalid JSON.
* Added missing signals to the signals panel by default.
* Documented how to avoid CORS errors now that we're using JavaScript
  modules.
* Verified support for Python 3.9.
* Added a ``css`` and a ``js`` template block to
  ``debug_toolbar/base.html`` to allow overriding CSS and JS.

3.2a1
------------------

* Fixed a regression where the JavaScript code crashed with an invalid
  CSS selector when searching for an element to replace.
* Replaced remaining images with CSS.
* Continued refactoring the HTML and CSS code for simplicity, continued
  improving the use of semantic HTML.
* Stopped caring about prehistoric browsers for good. Started splitting
  up the JavaScript code to take advantage of JavaScript modules.
* Continued removing unused CSS.
* Started running Selenium tests on Travis CI.
* Added a system check which prevents using django-debug-toolbar without
  any enabled panels.
* Added :meth:`Panel.run_checks() <debug_toolbar.panels.Panel.run_checks>` for
  panels to verify the configuration before the application starts.
* Validate the static file paths specified in ``STATICFILES_DIRS``
  exist via :class:`~debug_toolbar.panels.staticfiles.StaticFilesPanel`.
* Introduced `prettier <https://prettier.io/>`__ to format the frontend
  code.
* Started accessing history views using GET requests since they do not
  change state on the server.
* Fixed a bug where unsuccessful requests (e.g. network errors) were
  silently ignored.
* Started spellchecking the documentation.
* Removed calls to the deprecated ``request.is_ajax()`` method. These calls
  were unnecessary now that most endpoints return JSON anyway.
* Removed support for Python 3.5.
Links
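
A minimal sketch of the idea behind the 3.2.1 entry above (a signature calculated over all form fields, so a field edited in the browser is rejected before any SQL runs). This is an added example, not django-debug-toolbar's own code: it uses the standard library's ``hmac`` module, and the secret, field names and sample form are constructed assumptions.

```python
import hashlib
import hmac
import json

# Assumption: stand-in for a server-side secret such as Django's SECRET_KEY.
SECRET = b"constructed-demo-secret"
# Hypothetical field names for a debug SQL form; not taken from the project.
FIELDS = {"sql", "raw_sql", "params", "alias"}


def sign_fields(fields: dict) -> str:
    """HMAC-SHA256 over a canonical encoding of every form field."""
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":"))
    return hmac.new(SECRET, canonical.encode(), hashlib.sha256).hexdigest()


def render_form(fields: dict) -> dict:
    """Server side: emit the fields together with their signature."""
    return {**fields, "signature": sign_fields(fields)}


def verify_form(posted: dict) -> dict:
    """Return the trusted fields or raise ValueError if the form was altered."""
    fields = dict(posted)
    signature = fields.pop("signature", "")
    if not isinstance(signature, str) or set(fields) != FIELDS:
        raise ValueError("missing, extra or malformed form fields")
    expected = sign_fields(fields)
    # Constant-time comparison on bytes, so non-ASCII input cannot raise TypeError.
    if not hmac.compare_digest(signature.encode(), expected.encode()):
        raise ValueError("signature mismatch: a field changed after signing")
    return fields


def is_accepted(posted: dict) -> bool:
    """True only when the posted form verifies against its signature."""
    try:
        verify_form(posted)
        return True
    except ValueError:
        return False


# Constructed sample form, as the server would render it into the panel.
FORM = render_form({
    "sql": "SELECT name FROM app_item WHERE id = 1",
    "raw_sql": "SELECT name FROM app_item WHERE id = %s",
    "params": "[1]",
    "alias": "default",
})
```

Because the signature covers the whole field set, changing any single value, adding a field, or dropping the signature all fail verification.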

@pyup-bot

Closing this in favor of #1908

@pyup-bot closed this Aug 15, 2021

@renzon deleted the pyup-update-django-debug-toolbar-3.1.1-to-3.2.1 branch August 15, 2021 16:31