Fixed a security vulnerability in the plugin_type url parameter to insert JavaScript code.
3.5.3 (2018-11-20)
Fixed TreeNode.DoesNotExist exception raised when exporting
and loading database contents via dumpdata and loaddata.
Fixed a bug where request.current_page would always be the public page,
regardless of the toolbar status (draft / live). This only affected custom
urls from an apphook.
Removed extra quotation mark from the sideframe button template
Fixed a bug where structureboard tried to preload markup when using legacy
renderer
Fixed a bug where updates on other tab are not correctly propagated if the
operation was to move a plugin in the top level of same placeholder
Fixed a bug where xframe options were processed by clickjacking middleware
when page was served from cache, rather then get this value from cache
Fixed a bug where cached page permissions overrides global permissions
Fixed a bug where plugins that are not rendered in content wouldn't be
editable in structure board
Fixed a bug with expanding static placeholder by clicking on "Expand All" button
Fixed a bug where descendant pages with a custom url would lose the overwritten
url on save.
Fixed a bug where setting the on_delete option on PlaceholderField
and PageField fields would be ignored.
Fixed a bug when deleting a modal from changelist inside a modal
3.5.2 (2018-04-11)
Fixed a bug where shortcuts menu entry would stop working after toolbar reload
Fixed a race condition in frontend code that could lead to sideframe being
opened with blank page
Fixed a bug where the direct children of the homepage would get a leading /
character when the homepage was moved or published.
Fixed a bug where non-staff user would be able to open empty structure board
Fixed a bug where a static file from Django admin was referenced that no
longer existed in Django 1.9 and up.
Fixed a bug where the migration 0018 would fail under certain databases.
3.5.1 (2018-03-05)
Fixed a bug where editing pages with primary keys greater than 999 would throw an
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/RPI-HASS/rpi_csdt_community/network/alerts).
Bumps django-cms from 3.5.0 to 3.5.4.
Changelog
Sourced from django-cms's changelog.
... (truncated)
Commits
932da2e
Release 3.5.4 (#6879)873876b
Fixed a bug with top-level object/embed/applet tags (#6497) (#6646)a5ba280
Fix wrong field name (#6467) (#6632)2f017dd
Update copyright year in docs to be dynamic (#6618) (#6639)2fb6bc8
Page has no attribute site_id [Docs] (#6614) (#6642)abf5862
Fixed #6440 -- render_plugin_block template tag (#6472) (#6644)55e50f7
typo: added spaces on configuration docs (#6330) (#6648)8b72a79
Fixed Travis by moving some jobs to allow_failures (#6653)ccfa5ca
Fixed djangocms-text-ckeditor version for older Django versions (#6651)44dcd41
Fixed #6457 -- Fixed rendering of permission icons (#6624) (#6626)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/RPI-HASS/rpi_csdt_community/network/alerts).