8000 Backport 3.7.4 release to develop (#6883) · django-cms/django-cms@bf99a95 · GitHub
[go: up one dir, main page]
Skip to content

Commit bf99a95

Browse files
FinalAngelevildmpdatencoachMLK97yakky
authored
Backport 3.7.4 release to develop (#6883)
* Add missing parenthesis in code (#6677) (#6690) * Adding support for Django 2.2 LTS (#6655) (#6691) * New changes for cms 3.7 * Fix typo * Fixed issue with force_color * Removed unused import * Added docs to index.rst * Fixed travis jobs * Fixed force_color command * Changes after review * Fixed django version in setup * Update django-2.2.txt * Fixes test suite (#6688) (#6692) * add information for testing * fix tests * updated CHANGELOG * update * 1.8.5 * fix tests locally * update text * Release 3.7.0a1 (internal) (#6693) * bumped version to 3.7.0a1 * updated staticfiles * updated translations * Adapt test suite for recent Travis changes (#6709) (#6710) * test something * further updates and add 3.7 to test * updates * simplify for tests * add 3.7 support * Fix content mode related to #6694 (#6696) (#6711) * Adapt test suite for recent Travis changes (#6709) * test something * further updates and add 3.7 to test * updates * simplify for tests * add 3.7 support * Fix content mode related to #6694 (#6696) * Fix content mode related to #6694 * Add Dmytro Litvinov to AUTHORS according to PR template * Self install doc tweaks (#6673) (#6712) * Adapt test suite for recent Travis changes (#6709) * test something * further updates and add 3.7 to test * updates * simplify for tests * add 3.7 support * Fix content mode related to #6694 (#6696) * Fix content mode related to #6694 * Add Dmytro Litvinov to AUTHORS according to PR template * Self install doc tweaks (#6673) * Add missing template context processor to self install docs Fixes #5828 * Reword self install docs for clarity * Add to AUTHORS file * Documenation: Add 'prepopulated_fields' to ignored options list on CMSPluginBase (#6667) (#6713) * Add 'prepopulated_fields' to ignore list Added `prepopulated_fields` to the list of options that will be ignored when creating a custom DjangoCMS plugin with CMSPluginBase (which is based on ModelAdmin) * Update AUTHORS * Release 3.7.0rc1 (#6715) * update django version in sphinx * bumped version * updated existing translations * update static files * update docs * update authors file * Override urlconf_module so that Django system checks don't crash. (#6719) (#6723) * Add a test case for #6717. * Override urlconf_module so that Django system checks don't crash. Without this fix, Django system checks in Django 2.2 will try to resolve the "app_resolver" module, which does not exist. Overriding ``urlconf_module`` prevents the issue. Fixes #6717 * Release 3.7.0rc2 (#6724) * regenerated translation files * bumped version * update existing translation * compile static files * updated release notes * Updated compatibility table (#6727) * Release 3.7.0 (#6735) * Bumped version to 3.7.0 * updated translation files * added static files * Backport to prepare for 3.7.1 (#6762) * Improved and simplified permissions documentation (#6224) [ci-skip] * Updated branch policy (#6320) * Updated branch policy [ci only docs] * Removed feature branch notes from policy * Improve apphooks documentation (#6743) Remove a reference to `urls` attribute on AppHook class in the documentation. * Fix documentation bug regarding CMSPluginBase (#6744) The documentation advertises that you can set the module attribute of custom plugins to None. If the user attempts this django they won't be able to start up when django.contrib.admin.site.urls is included in urls.py (tested with django 1.11.25 and django-cms 3.7.0). * Added example of `get_plugin_instance` to the docs on nested plugins. (#6609) * Amend Changelog and fixes from merged PRs (#6755) * add missing changelog entries * update docs * updated changelog * updates from comments * Sites - Pass Site obj instead of pk when creating a StaticPlaceholder (#6679) * Pass site object instead of pk when rendering menu Add original fix by @saqlainsyed007 * Moved test to it's own class * Update changelog * Do not let non-staff users to log in via CMS Toolbar (#6705) * Merged stale PR's (#6759) * add missing changelog entries * update docs * updated changelog * updates from comments * merge #6347 * merged #6530 * merge #6538 * merge #6549 * merge #6704 * changelog for #6705 * Update issue templates * Fixed #6737 -- Fix 'urls.W001' warning with custom apphook urls (#6738) * Refs #6737 -- Add test for apphooks urls config check * Fixed #6737 -- Fix 'urls.W001' warning with custom apphook urls When rewriting the apphooks urls in appresolver.recurse_patterns, the original RegexPattern.is_endpoint flag is lost, so urls with a callback view throws an "include with a route ending with a '$'" warning ('urls.W001'). @apphook_pool.register class MyApp(CMSApp): name = "MyApp" def get_urls(self, page=None, language=None, **kwargs): return [ re_path(r"^$", views.MyAppView.as_view(), name="my-app-index") # or this # path(r"", views.MyAppView.as_view(), name="my-app-index") ] $ ./manage.py check System check identified some issues: WARNINGS: ?: (urls.W001) Your URL pattern '^my-app-url/my-view-url/$' [name='my-app-index'] uses include with a route ending with a '$'. Remove the dollar from the route to avoid problems including URLs. This fix set the RegexPattern flag is_endpoint to True for callback views in appresolver.recurse_patterns as in https://github.com/django/django/blob/stable/2.2.x/django/urls/conf.py#L70 * Updated documentation and files for 3.7 LTS (#6761) * general updates * updates from comments * update form comments * Further backports for 3.7.1 (#6768) * add newly generated strings * Fix simple typo: seperated -> separated (#6767) * Fix simple typo: seperated -> separated * Update CHANGELOG.rst * Update djangocms installer docs (#6764) * Release django CMS 3.7.1 (#6769) * update documentation * Bumped version to 3.7.1 * compiled available languages * update static files * fix build * bump date * Update 04-plugins.rst (#6782) Migration does not work without on_delete on a ForeignKey-Field * Backport changes to 3.7.x (#6837) * Add Django 3 and Python 3.8 support (#6796) * release version lock * remove python_2_unicode_compatible * migrated from ``django.utils.six`` to the six package * more migrations * update static import * update to TemplateResponse * add new arguments * re-add unicode * further adaptions * fix additional issues * update test framework * update docs * revert this change * add space * adapt upgrade docs * fix tests * test updates * easy dependency * adapt requirements files * cleanup tests * minor update * revert pyflakes * test something * another test * updates * fix some tests * tests * Usage of session to store user language has been deprecated * Fix pyflakes support * Fix on py2.7 Co-authored-by: Iacopo Spalletti <i.spalletti@nephila.it> # Conflicts: # docs/introduction/09-third_party.rst * Improved plugins documentation # Conflicts: # docs/how_to/custom_plugins.rst Co-authored-by: Daniele Procida <daniele@vurt.org> * Release 3.7.2 (#6838) * updated translations * Bumped version to 3.7.2 * update existing translations * rebuild static files * update changelog * Updated compatibility table for 3.7.2 Co-authored-by: Daniele Procida <daniele@vurt.org> * Corrected plugin documentations based on Issue #6752 (#6798) (#6858) Co-authored-by: Maximilian Konrad <maximilianlukaskonrad@hotmail.de> * Move var declaration inside closure to make it available to firefox (#6854) (#6859) # Conflicts: # CHANGELOG.rst Co-authored-by: Iacopo Spalletti <i.spalletti@nephila.digital> * Fix 3.7 on python 2 (#6855) (#6860) * Fix imports on python 2.7 * Fix requirements * Make python 2.7 required on travis * Fix url cache leak in tests * Remove references to MIDDLEWARE_CLASSES * Update changelog Co-authored-by: Iacopo Spalletti <i.spalletti@nephila.digital> * set white of first column in jstree to normal (#6856) (#6861) # Conflicts: # cms/static/cms/css/3.7.2/cms.pagetree.css Co-authored-by: Jacob Rief <jacob.rief@gmail.com> * Release 3.7.3 (#6862) * generate translations * Bumped version to 3.7.3 * compile translations * upgrade static assets * update docs * add release date * Release 3.7.4 (#6881) * add patch * bumdle * bump version * regenerate build files Co-authored-by: Daniele Procida <daniele@vurt.org> Co-authored-by: datencoach <51292314+datencoach@users.noreply.github.com> Co-authored-by: Maximilian Konrad <maximilianlukaskonrad@hotmail.de> Co-authored-by: Iacopo Spalletti <i.spalletti@nephila.digital> Co-authored-by: Jacob Rief <jacob.rief@gmail.com>
1 parent 7207710 commit bf99a95

File tree

228 files changed

+6182
-2673
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

228 files changed

+6182
-2673
lines changed

CHANGELOG.rst

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,19 @@ Changelog
33
=========
44

55

6-
3.7.3 (unreleased)
6+
3.7.4 (2020-07-21)
7+
==================
8+
9+
* Fixed a security vulnerability in the plugin_type url parameter to insert JavaScript code.
10+
11+
12+
3.7.3 (2020-05-27)
713
==================
814

915
* Fixed apphooks config select in Firefox
1016
* Fixed compatibility errors on python 2
17+
* Fixed long page titles in Page tree/list view to prevent horizontal scrolling
18+
* Adapted plugin documentations
1119

1220

1321
3.7.2 (2020-04-22)
@@ -22,7 +30,6 @@ Changelog
2230
* added ``--force-color`` and ``--skip-checks`` in base commands when using Django 3
2331
* replaced ``staticfiles`` and ``admin_static`` with ``static``
2432
* replaced djangocms-helper with django-app-helper
25-
* Wraps long page titles in Page tree/list view to prevent horizontal scrolling.
2633

2734

2835
3.7.1 (2019-11-26)

cms/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# -*- coding: utf-8 -*-
22

3-
__version__ = '3.7.1'
3+
__version__ = '3.7.4'
44

55
default_app_config = 'cms.apps.CMSConfig'

cms/admin/placeholderadmin.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
from django.template.response import TemplateResponse
1919
from django.utils.decorators import method_decorator
2020
from django.utils.encoding import force_text
21+
from django.utils.html import conditional_escape
2122
from django.utils import translation
2223
from django.utils.translation import ugettext as _
2324
from django.views.decorators.clickjacking import xframe_options_sameorigin
@@ -304,7 +305,7 @@ def add_plugin(self, request):
304305
# errors is s dict mapping fields to a list of errors
305306
# for that field.
306307
error = list(form.errors.values())[0][0]
307-
return HttpResponseBadRequest(force_text(error))
308+
return HttpResponseBadRequest(conditional_escape(force_text(error)))
308309

309310
plugin_data = form.cleaned_data
310311
placeholder = plugin_data['placeholder_id']

cms/locale/ar/LC_MESSAGES/django.mo

-15 Bytes
Binary file not shown.

cms/locale/ar/LC_MESSAGES/django.po

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
# Translators:
77
# Ahmed H <info@draco-003.com>, 2013
88
# Ali Khalel <ali.khalel@gmail.com>, 2019
9-
# Bashar Al-Abdulhadi, 2013-2015,2017,2019
9+
# Bashar Al-Abdulhadi, 2013-2015,2017,2019-2020
1010
# Bashar Al-Abdulhadi, 2013-2014
1111
# Bashar Ghadanfar <10.tens@gmail.com>, 2017
1212
# Jonas Obrist <me@ojii.ch>, 2011
@@ -18,9 +18,9 @@ msgid ""
1818
msgstr ""
1919
"Project-Id-Version: django CMS\n"
2020
"Report-Msgid-Bugs-To: \n"
21-
"POT-Creation-Date: 2019-11-19 11:09+0100\n"
22-
"PO-Revision-Date: 2019-11-13 08:54+0000\n"
23-
"Last-Translator: Angelo Dini <angelo.dini@divio.ch>\n"
21+
"POT-Creation-Date: 2020-05-26 14:17+0200\n"
22+
"PO-Revision-Date: 2020-04-21 13:37+0000\n"
23+
"Last-Translator: Bashar Al-Abdulhadi\n"
2424
"Language-Team: Arabic (http://www.transifex.com/divio/django-cms/language/ar/)\n"
2525
"MIME-Version: 1.0\n"
2626
"Content-Type: text/plain; charset=UTF-8\n"

cms/locale/ar/LC_MESSAGES/djangojs.po

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ msgid ""
1212
msgstr ""
1313
"Project-Id-Version: django CMS\n"
1414
"Report-Msgid-Bugs-To: \n"
15-
"POT-Creation-Date: 2019-11-19 11:10+0100\n"
15+
"POT-Creation-Date: 2020-05-26 14:18+0200\n"
1616
"PO-Revision-Date: 2018-01-11 16:38+0000\n"
1717
"Last-Translator: Paulo Alvarado <paulo.alvarado@divio.ch>\n"
1818
"Language-Team: Arabic (http://www.transifex.com/divio/django-cms/language/ar/)\n"

cms/locale/bg/LC_MESSAGES/django.mo

-163 Bytes
Binary file not shown.

cms/locale/bg/LC_MESSAGES/django.po

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,9 @@ msgid ""
1313
msgstr ""
1414
"Project-Id-Version: django CMS\n"
1515
"Report-Msgid-Bugs-To: \n"
16-
"POT-Creation-Date: 2019-11-19 11:09+0100\n"
17-
"PO-Revision-Date: 2019-11-13 08:54+0000\n"
18-
"Last-Translator: Angelo Dini <angelo.dini@divio.ch>\n"
16+
"POT-Creation-Date: 2020-05-26 14:17+0200\n"
17+
"PO-Revision-Date: 2020-04-21 13:37+0000\n"
18+
"Last-Translator: Venelin Stoykov <vkstoykov@gmail.com>\n"
1919
"Language-Team: Bulgarian (http://www.transifex.com/divio/django-cms/language/bg/)\n"
2020
"MIME-Version: 1.0\n"
2121
"Content-Type: text/plain; charset=UTF-8\n"
@@ -515,10 +515,10 @@ msgid "Display in navigation"
515515
msgstr "в навигацията"
516516

517517
msgid "Unpublish page"
518-
msgstr "искане за премахване на публикация"
518+
msgstr ""
519519

520520
msgid "Publish page"
521-
msgstr "искане за публикуване"
521+
msgstr ""
522522

523523
msgid "Are you sure you want to revert to live?"
524524
msgstr ""

cms/locale/bg/LC_MESSAGES/djangojs.po

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ msgid ""
1111
msgstr ""
1212
"Project-Id-Version: django CMS\n"
1313
"Report-Msgid-Bugs-To: \n"
14-
"POT-Creation-Date: 2019-11-19 11:10+0100\n"
14+
"POT-Creation-Date: 2020-05-26 14:18+0200\n"
1515
"PO-Revision-Date: 2018-01-11 16:38+0000\n"
1616
"Last-Translator: Paulo Alvarado <paulo.alvarado@divio.ch>\n"
1717
"Language-Team: Bulgarian (http://www.transifex.com/divio/django-cms/language/bg/)\n"

cms/locale/bn/LC_MESSAGES/django.mo

9 Bytes
Binary file not shown.

0 commit comments

Comments
 (0)
0