Releases: mozilla/django-csp
Releases · mozilla/django-csp
4.0b2
What's Changed
- Add missing report-only from csp replace example by @jamesbeith in #233
- Add type hints, fix mypy issues (#198) by @jwhitlock in #228
- Expand the ruff config to include import sorting and others. by @robhudson in #234
- Use simple logical operator in middleware by @sevdog in #226
- Docs: Fix typos in configuration.rst and decorators.rst by @jcari-dev in #238
- Fix #231: report percentage of 100% should always report by @robhudson in #236
- Fix a couple docs examples by @robhudson in #239
- refactor(middleware): Refactor internals of CSPMiddleware so that it's easier to extend existing logic without copy/pasting it into subclass by @crbunney in #237
- Fix #230: Make REPORT_PERCENTAGE a float by @robhudson in #242
- Add Django 5.1 to the test matrix by @robhudson in #243
- Prepare for 4.0b2 release by @robhudson in #244
New Contributors
- @jamesbeith made their first contribution in #233
- @sevdog made their first contribution in #226
- @jcari-dev made their first contribution in #238
- @crbunney made their first contribution in #237
Full Changelog: 4.0b1...4.0b2
Contributors
robhudson, jwhitlock, and 4 other contributors
Assets 2
4.0b1
Backwards-Incompatible Release - Beta for Community Testing
This release introduces significant changes that are not backwards compatible. We encourage all users to review the migration guide thoroughly before upgrading.
- This beta version includes substantial updates that may affect the behavior of your existing applications.
- Migration steps are necessary to ensure compatibility.
- We welcome community testing and feedback to identify any issues or improvements needed before a final release.
What's Changed
- Restructure CSP Configuration with Streamlined Settings (backwards incompatible) by @robhudson in #219
- Add constants for CSP keywords by @robhudson in #222
- Fix
report_onlytoREPORT_ONLYin decorator docs by @robhudson in #224 - Move to NONCE sentinel instead of 'include-nonce-in' by @robhudson in #223
New Contributors
- @robhudson made their first contribution in #218
Full Changelog: 3.8...4.0b1
Contributors
robhudson
Assets 2
3.8
Please note that 3.8 is Python-code-identical to 3.8rc1, and there were no regressions or problems noted or reported with 3.8rc0 nor 3.8rc1
django-csp lives!
It's been more than a year since the last release and the project needed some refreshing before we can move forward with it.
This release aims to be functionally equivalent to 3.7, but with formal support for more modern Django and Python versions, all the way up to Django 5 on Python 3.12
Please see https://github.com/mozilla/django-csp/blob/main/CHANGES for a short summary of changes.
Feedback and bug reports are very welcome. 🙇
What's Changed
- Update installation.rst by @Jesus805 in #163
- Fix 164 migrate ci by @g-k in #165
- Update test configuration to cover up to Py3.9 and Django 3.2 by @mkoistinen in #172
- Remove deprecation warning for child-src by @rik in #154
- add project_urls to setup.py by @pawl in #171
- Drop old Django and Python versions by @g-k in #175
- rename default branch by @g-k in #176
- Update CI badge to CircleCI by @g-k in #177
- fix unwrap script re by @g-k in #178
- Tweak configuration docs by @jaap3 in #146
- docs: add note about nonce value visibility by @g-k in #180
- GH-182 Update docs to clarify when nonce will not be added to headers by @DylanYoung in #185
- Remove outdated docs reference to MIDDLEWARE_CLASSES by @mlazar-endear in #193
- updating csp_replace decorator doc by @chestnutcone in #183
- Wrap the test install with quotes. by @tim-schilling in #200
- Reawaken development by @stevejalim in #204
- Add readthedocs config and slightly update Sphinx config by @stevejalim in #205
- Ensure docs building has access to django_csp itself by @stevejalim in #206
- Add Sphinx RTD theme by @stevejalim in #207
- Improve themeing in RTD by @stevejalim in #208
- Update settings documentation to move deprecated-within-csp settings to their own section, at the bottom by @stevejalim in #210
- MiddlewareMixin is always present in django>=3.2 by @asottile-sentry in #211
- Bring codebase up to modern Python using pyupgrade by @stevejalim in #213
- Update GH actions helpers to use Node 20-based versions by @stevejalim in #214
- Prepare for 3.8rc release by @stevejalim in #215
- Tomlify setup.py by @hmpf in #216
- Prepare for 3.8 final release by @stevejalim in #217
New Contributors
- @Jesus805 made their first contribution in #163
- @mkoistinen made their first contribution in #172
- @pawl made their first contribution in #171
- @DylanYoung made their first contribution in #185
- @mlazar-endear made their first contribution in #193
- @chestnutcone made their first contribution in #183
- @tim-schilling made their first contribution in #200
- @stevejalim made their first contribution in #204
- @asottile-sentry made their first contribution in #211
- @hmpf made their first contribution in #216
Full Changelog: 3.7...3.8
Contributors
rik, jaap3, and 11 other contributors
Assets 2
3.8rc1
Release candidate for django-csp 3.8
Please note that 3.8rc1 is almost identical to 3.8rc0, and there were no regressions or problems noted with 3.8rc0
It's been more than a year since the last release and the project needed some refreshing before we can move forward with it.
This release aims to be functionally equivalent to 3.7, but with formal support for more modern Django and Python versions, all the way up to Django 5 on Python 3.12
Please see https://github.com/mozilla/django-csp/blob/main/CHANGES for a short summary of changes.
Feedback and bug reports are very welcome.
What's Changed in 3.8rc1
New Contributors to 3.8rc1
What's Changed in 3.8rc0 (based on commit history)
- Update installation.rst by @Jesus805 in #163
- Fix 164 migrate ci by @g-k in #165
- Update test configuration to cover up to Py3.9 and Django 3.2 by @mkoistinen in #172
- Remove deprecation warning for child-src by @rik in #154
- add project_urls to setup.py by @pawl in #171
- Drop old Django and Python versions by @g-k in #175
- rename default branch by @g-k in #176
- Update CI badge to CircleCI by @g-k in #177
- fix unwrap script re by @g-k in #178
- Tweak configuration docs by @jaap3 in #146
- docs: add note about nonce value visibility by @g-k in #180
- GH-182 Update docs to clarify when nonce will not be added to headers by @DylanYoung in #185
- Remove outdated docs reference to MIDDLEWARE_CLASSES by @mlazar-endear in #193
- updating csp_replace decorator doc by @chestnutcone in #183
- Wrap the test install with quotes. by @tim-schilling in #200
- Reawaken development by @stevejalim in #204
- Add readthedocs config and slightly update Sphinx config by @stevejalim in #205
- Ensure docs building has access to django_csp itself by @stevejalim in #206
- Add Sphinx RTD theme by @stevejalim in #207
- Improve themeing in RTD by @stevejalim in #208
- Update settings documentation to move deprecated-within-csp settings to their own section, at the bottom by @stevejalim in #210
- MiddlewareMixin is always present in django>=3.2 by @asottile-sentry in #211
- Bring codebase up to modern Python using pyupgrade by @stevejalim in #213
- Update GH actions helpers to use Node 20-based versions by @stevejalim in #214
- Prepare for 3.8rc release by @stevejalim in #215
New Contributors to 3.8rc0
- @Jesus805 made their first contribution in #163
- @mkoistinen made their first contribution in #172
- @pawl made their first contribution in #171
- @DylanYoung made their first contribution in #185
- @mlazar-endear made their first contribution in #193
- @chestnutcone made their first contribution in #183
- @tim-schilling made their first contribution in #200
- @stevejalim made their first contribution in #204
- @asottile-sentry made their first contribution in #211
Full Changelog: 3.7...3.8rc1
Contributors
rik, jaap3, and 11 other contributors
Assets 2
3.8rc
Release candidate for django-csp 3.8
It's been more than a year since the last release and the project needed some refreshing before we can move forward with it.
This release aims to be functionally equivalent to 3.7, but with formal support for more modern Django and Python versions, all the way up to Django 5 on Python 3.12
Please see https://github.com/mozilla/django-csp/blob/main/CHANGES for a short summary of changes.
Feedback and bug reports are very welcome.
What's Changed (based on commit history)
- Update installation.rst by @Jesus805 in #163
- Fix 164 migrate ci by @g-k in #165
- Update test configuration to cover up to Py3.9 and Django 3.2 by @mkoistinen in #172
- Remove deprecation warning for child-src by @rik in #154
- add project_urls to setup.py by @pawl in #171
- Drop old Django and Python versions by @g-k in #175
- rename default branch by @g-k in #176
- Update CI badge to CircleCI by @g-k in #177
- fix unwrap script re by @g-k in #178
- Tweak configuration docs by @jaap3 in #146
- docs: add note about nonce value visibility by @g-k in #180
- GH-182 Update docs to clarify when nonce will not be added to headers by @DylanYoung in #185
- Remove outdated docs reference to MIDDLEWARE_CLASSES by @mlazar-endear in #193
- updating csp_replace decorator doc by @chestnutcone in #183
- Wrap the test install with quotes. by @tim-schilling in #200
- Reawaken development by @stevejalim in #204
- Add readthedocs config and slightly update Sphinx config by @stevejalim in #205
- Ensure docs building has access to django_csp itself by @stevejalim in #206
- Add Sphinx RTD theme by @stevejalim in #207
- Improve themeing in RTD by @stevejalim in #208
- Update settings documentation to move deprecated-within-csp settings to their own section, at the bottom by @stevejalim in #210
- MiddlewareMixin is always present in django>=3.2 by @asottile-sentry in #211
- Bring codebase up to modern Python using pyupgrade by @stevejalim in #213
- Update GH actions helpers to use Node 20-based versions by @stevejalim in #214
- Prepare for 3.8rc release by @stevejalim in #215
New Contributors
- @Jesus805 made their first contribution in #163
- @mkoistinen made their first contribution in #172
- @pawl made their first contribution in #171
- @DylanYoung made their first contribution in #185
- @mlazar-endear made their first contribution in #193
- @chestnutcone made their first contribution in #183
- @tim-schilling made their first contribution in #200
- @stevejalim made their first contribution in #204
- @asottile-sentry made their first contribution in #211
Full Changelog: 3.7...3.8rc
Contributors
rik, jaap3, and 10 other contributors