Add validation framework to prevent XSS attacks using HTML or SVG files (see docs)
Only show uncategorized files to the owner or superuser if permissions are active
Add an edit button to the file widget which opens edit file pop-up
Refactored directory list view for significant performance increases
Remove thumbnail generation from the directory list view request response cycle
Support for upload of webp images
Optional support for upload of heif images
Add Django 4.2 support
Add thumbnail view for faster visual management of image libraries
Fix File.objects.only() query required for deleting user who own files.
Fix several CSS quirks
Fix folder widget
Remove unused css from delete confirmation view and move file view
Add Pillow 10 compatibility
Update translations (de/fr/nl)
3.0.0rc3
Fix folder widget
Fix breadcrumbs
3.0.0rc2
Remove unused request for non-existing css file
3.0.0rc1
Add validation framework to prevent XSS attacks using HTML or SVG files (see docs)
Only show uncategorized files to the owner or superuser if permissions are active
Add an edit button to the file widget which opens edit file pop-up
Refactored directory list view for significant performance increases
Remove thumbnail generation from the directory list view request response cycle
Add Django 4.2 support
Add thumbnail view for faster visual management of image libraries
Fix File.objects.only() query required for deleting user who own files.
Fix several CSS quirks
2.3rc1
Additional thumbnail view for folder list admin view with much bigger icons.
2.2.6
Add Pillow 10 compatibility
2.2.5
Security patch (django-cms/django-filer#1352):
While admin options shown correctly represented the user rights, some admin
end-points were available directly. A staff user without any permissions
could browse the filer folder structure, list files in a folder, add files,
and move files and folders.
Add validation framework to prevent XSS attacks using HTML or SVG files (see docs)
Only show uncategorized files to the owner or superuser if permissions are active
Add an edit button to the file widget which opens edit file pop-up
Refactored directory list view for significant performance increases
Remove thumbnail generation from the directory list view request response cycle
Support for upload of webp images
Optional support for upload of heif images
Add Django 4.2 support
Add thumbnail view for faster visual management of image libraries
Fix File.objects.only() query required for deleting user who own files.
Fix several CSS quirks
Fix folder widget
Remove unused css from delete confirmation view and move file view
Add Pillow 10 compatibility
Update translations (de/fr/nl)
2.2.5 (2023-06-11)
Security patch (django-cms/django-filer#1352):
While admin options shown correctly represented the user rights, some admin
end-points were available directly. A staff user without any permissions
could browse the filer folder structure, list files in a folder, add files,
and move files and folders.
2.2.4 (2023-01-13)
Add Django 4.1 support
Add python 3.11 tests
Fix thumbnail generation for SVG images when used as a Divio addon.
2.2.3 (2022-08-08)
Fix CSS styles (Modified SCSS had to be recompiled).
2.2.2 (2022-08-02)
Fix #1305: Install django-filer with easy-thumbnail's optional SVG support.
2.2.1 (2022-06-05)
Fix: Define a default_auto_field as part of the app config.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
1 year ago
Bumps django-filer from 2.0.2 to 3.0.0.
Release notes
Sourced from django-filer's releases.
... (truncated)
Changelog
Sourced from django-filer's changelog.
... (truncated)
Commits
3adffdfbuild: Release 3.0.0 (#1376)6a8d981Feat: add heif upload support (*.heic, e.g., for iOS devices) (#1375)46e7e28ci: Prepare release 3.0.0rc3 (#1372)4733fd4fix: Folder widget had outdated styling (#1371)963a875ci: Prepare release 3.0.0rc2 (#1370)825e967Fix: Remove unused icon libraries in django-filer 3.0.0rc1 (#1369)ba24ac5Update classifiers for upcoming pypi release (#1368)10b3167fix: Update CHANGELOG.rstf57ef38fix: Update manifest to exclude mptt stub in release package (#1367)0f679cdfix: Format in upgrading.rstDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)