You MUST use this template when reporting issues. Please make sure you follow the checklist and fill in all of the information sections below.
All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an x in the bracket when you have completed each task, like this: [x]
[X] This issue is not about installing previous versions of django-smart-selects older than 1.2.8. I understand that previous versions are insecure and will not receive any support whatsoever.
[X] I have verified that that issue exists against the master branch of django-smart-selects.
[X] I have searched for similar issues in both open and closed tickets and cannot find a duplicate.
[X] I have debugged the issue to the smart_selects app.
[X] I have reduced the issue to the simplest possible case.
[X] I have included all relevant sections of models.py, forms.py, and views.py with problems.
Create a Django 5 project using django-smart-selects installed from PyPi.
Try to run the project.
Actual behavior
The latest version of django-smart-selects package which is available on PyPi is 1.6.0. This version is not compatible with Django 5.0, while the latest available on GitHub (1.7.1) is.
ldeluigi
commented
4 days ago
You MUST use this template when reporting issues. Please make sure you follow the checklist and fill in all of the information sections below.
All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an
xin the bracket when you have completed each task, like this:[x]masterbranch of django-smart-selects.smart_selectsapp.models.py,forms.py, andviews.pywith problems.Steps to reproduce
django-smart-selectsinstalled from PyPi.Actual behavior
The latest version of
django-smart-selectspackage which is available on PyPi is 1.6.0. This version is not compatible with Django 5.0, while the latest available on GitHub (1.7.1) is.In the repository Actions I saw that the following step fails: https://github.com/jazzband/django-smart-selects/actions/runs/8273216022/job/22636552189#step:7:16
This step could be solved by using the help provided by the following StackOverflow answer: https://stackoverflow.com/questions/70435286/resource-not-accessible-by-integration-on-github-post-repos-owner-repo-ac
Expected behavior
Installing the package from PyPi should install the latest version.