Fix another bug when the the thumbnailer in admin tags crashes because of
invalid or missing file
Ensure action buttons in directory listing do not get disabled after using
cancel or back button if files or folders are selected.
3.0.1 (2023-07-13)
Fix a bug that creates a server error when requesting a thumbnail from an
invalid or missing file
Fix a bug that on some systems webp images were not recognized
Add missing css map files
3.0.0 (2023-07-05)
Add validation framework to prevent XSS attacks using HTML or SVG files (see docs)
Only show uncategorized files to the owner or superuser if permissions are active
Add an edit button to the file widget which opens edit file pop-up
Refactored directory list view for significant performance increases
Remove thumbnail generation from the directory list view request response cycle
Support for upload of webp images
Optional support for upload of heif images
Add Django 4.2 support
Add thumbnail view for faster visual management of image libraries
Fix File.objects.only() query required for deleting user who own files.
Fix several CSS quirks
Fix folder widget
Remove unused css from delete confirmation view and move file view
Add Pillow 10 compatibility
Update translations (de/fr/nl)
2.2.5 (2023-06-11)
Security patch (django-cms/django-filer#1352):
While admin options shown correctly represented the user rights, some admin
end-points were available directly. A staff user without any permissions
could browse the filer folder structure, list files in a folder, add files,
and move files and folders.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
1 year ago
Bumps django-filer from 2.0.2 to 3.0.3.
Release notes
Sourced from django-filer's releases.
... (truncated)
Changelog
Sourced from django-filer's changelog.
... (truncated)
Commits
a01ab6bfeat: add changelog version (#1398)62a843aFix: actions.js error thrown in js console (#1397)3cac8a4fix: crash in the file detail view (#1395)3ce96c2Fix copy folder being broken after django-mptt removal (#1393)83e209ffix: bump version and add changelog entry (#1390)9c8a5befix: Do not disable action buttons after using cancel or back button (#1391)6e41747fix: Prevent server errors in image detail view if images do not exist (#1389)fdd4d64fix: Allow copy with empty suffix (#1386)71d16cafeat: add version in filer and also on changelog (#1385)45ef9eefix: issues with filer image crash when trying to generate thumbnail (#1384)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)