Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump wagtail from 2.15.3 to 5.1.3 #1323

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 23, 2023

Bumps wagtail from 2.15.3 to 5.1.3.

Release notes

Sourced from wagtail's releases.

5.1.3

  • Fix: CVE-2023-45809: Disclosure of user names via admin bulk action views (Matt Westcott)
  • Fix: Fix SnippetBulkAction not respecting models definition (Sandro Rodrigues)
  • Fix: Correctly quote non-numeric primary keys on snippet inspect view (Sage Abdullah)
  • Fix: Prevent crash on snippet inspect view when displaying a null foreign key to an image (Sage Abdullah)
  • Fix: Populate the correct return value when creating a new snippet within the snippet chooser (claudobahn)
  • Fix: Reinstate missing filter by page type on page search (Matt Westcott)
  • Fix: Use the correct action log when creating a redirect (Thibaud Colas)

5.1.2

  • Fix: Avoid use of ignore_conflicts when creating extra permissions for snippets, for SQL Server compatibility (Sage Abdullah)
  • Fix: Ensure sequence on wagtailsearchpromotions_query table is correctly set after migrating data (Jake Howard)
  • Fix: Change spreadsheet export headings to match listing view column headings (Christer Jensen, Sage Abdullah)
  • Fix: Fix numbers, booleans, and None from being exported as strings (Christer Jensen)
  • Fix: Restore fallback on full-word search for snippet choosers and generic index views (Matt Westcott)
  • Fix: Restore compatibility with pre-7.15 versions of the Elasticsearch Python library, allowing use of Opensearch (Matt Westcott)
  • Fix: Fix error when pickling BaseSiteSetting instances (Matt Westcott)
  • Maintenance: For Python 3.13 support - upgrade Willow to v1.6.2, replace imghdr with Willow's built-in MIME type detection (Jake Howard)

5.1.1

  • Introduce wagtail.admin.ui.tables.BooleanColumn to display boolean values as icons (Sage Abdullah)
  • Fix: Show not-None falsy values instead of blank in generic table cell template (Sage Abdullah)
  • Fix: Fix read_only panels for fields with translatable choice labels (Florent Lebreton)

5.1

  • Add support for read-only FieldPanels (Andy Babic)
  • Add support for query-time boosting to Elasticsearch 6 and above (Shohan Dutta Roy)
  • Add support for Elasticsearch 8 (Matt Westcott, Wesley van Lee)
  • Mark calls to md5 as not being used for secure purposes, to avoid flagging on FIPS-mode systems (Sean Kelly)
  • Return filters from parse_query_string as a QueryDict to support multiple values (Aman Pandey)
  • Explicitly specify MenuItem.name for all admin menu and submenu items (Justin Koestinger)
  • Add oEmbed provider patterns for YouTube Shorts and YouTube Live URLs (valnuro, Fabien Le Frapper)
  • Add initial implementation of PagePermissionPolicy (Sage Abdullah)
  • Refactor UserPagePermissionsProxy and PagePermissionTester to use PagePermissionPolicy (Sage Abdullah, Tidiane Dia)
  • Add a predictable default ordering of the "Object/Other permissions" in the Group Editing view, allow this ordering to be customised (Daniel Kirkham)
  • Add AbstractImage.get_renditions() for efficient generation of multiple renditions (Andy Babic)
  • Optimise queries in collection permission policies using cache on the user object (Sage Abdullah)
  • Phone numbers entered via a link chooser will now have any spaces stripped out, ensuring a valid href="tel:..." attribute (Sahil Jangra)
  • Auto-select the StreamField block when only one block type is declared (Sébastien Corbin)
  • Add support for more advanced Draftail customisation APIs (Thibaud Colas)
  • Add the ability to export snippets listing via SnippetViewSet.list_export (Sage Abdullah)
  • Add support for adding HTML attrs on FieldPanel, FieldRowPanel, MultiFieldPanel, and others (Aman Pandey, Antoni Martyniuk, LB (Ben) Johnston)
  • Add support for --template option to wagtail start (Thibaud Colas)
  • Change to always cache renditions (Jake Howard)
  • Update link/document rich text tooltips for consistency with the inline toolbar (Albina Starykova)
  • Increase the contrast between the rich text / StreamField block picker and the page in dark mode (Albina Starykova)
  • Purge revisions of non-page models in purge_revisions command (Sage Abdullah)
  • Add support for AVIF images (Aman Pandey)
  • Change the default WebP quality to 80 to match AVIF (Aman Pandey)
  • Adopt optimised Wagtail logo in the admin interface (Albina Starykova)

... (truncated)

Changelog

Sourced from wagtail's changelog.

5.1.3 (19.10.2023)


 * Fix: CVE-2023-45809: Disclosure of user names via admin bulk action views (Matt Westcott)
 * Fix: Fix `SnippetBulkAction` not respecting `models` definition (Sandro Rodrigues)
 * Fix: Correctly quote non-numeric primary keys on snippet inspect view (Sage Abdullah)
 * Fix: Prevent crash on snippet inspect view when displaying a null foreign key to an image (Sage Abdullah)
 * Fix: Populate the correct return value when creating a new snippet within the snippet chooser (claudobahn)
 * Fix: Reinstate missing filter by page type on page search (Matt Westcott)
 * Fix: Use the correct action log when creating a redirect (Thibaud Colas)

5.1.2 (25.09.2023)

  • Fix: Avoid use of ignore_conflicts when creating extra permissions for snippets, for SQL Server compatibility (Sage Abdullah)
  • Fix: Ensure sequence on wagtailsearchpromotions_query table is correctly set after migrating data (Jake Howard)
  • Fix: Change spreadsheet export headings to match listing view column headings (Christer Jensen, Sage Abdullah)
  • Fix: Fix numbers, booleans, and None from being exported as strings (Christer Jensen)
  • Fix: Restore fallback on full-word search for snippet choosers and generic index views (Matt Westcott)
  • Fix: Restore compatibility with pre-7.15 versions of the Elasticsearch Python library, allowing use of Opensearch (Matt Westcott)
  • Fix: Fix error when pickling BaseSiteSetting instances (Matt Westcott)
  • Maintenance: For Python 3.13 support - upgrade Willow to v1.6.2, replace imghdr with Willow's built-in MIME type detection (Jake Howard)

5.1.1 (14.08.2023)


 * Introduce `wagtail.admin.ui.tables.BooleanColumn` to display boolean values as icons (Sage Abdullah)
 * Fix: Show not-`None` falsy values instead of blank in generic table cell template (Sage Abdullah)
 * Fix: Fix `read_only` panels for fields with translatable choice labels (Florent Lebreton)

5.1 (01.08.2023)


 * Add support for read-only FieldPanels (Andy Babic)
 * Add support for query-time boosting to Elasticsearch 6 and above (Shohan Dutta Roy)
 * Add support for Elasticsearch 8 (Matt Westcott, Wesley van Lee)
 * Mark calls to `md5` as not being used for secure purposes, to avoid flagging on FIPS-mode systems (Sean Kelly)
 * Return filters from `parse_query_string` as a `QueryDict` to support multiple values (Aman Pandey)
 * Explicitly specify `MenuItem.name` for all admin menu and submenu items (Justin Koestinger)
 * Add oEmbed provider patterns for YouTube Shorts and YouTube Live URLs (valnuro, Fabien Le Frapper)
 * Add initial implementation of `PagePermissionPolicy` (Sage Abdullah)
 * Refactor `UserPagePermissionsProxy` and `PagePermissionTester` to use `PagePermissionPolicy` (Sage Abdullah, Tidiane Dia)
 * Add a predictable default ordering of the "Object/Other permissions" in the Group Editing view, allow this ordering to be customised (Daniel Kirkham)
 * Add `AbstractImage.get_renditions()` for efficient generation of multiple renditions (Andy Babic)
 * Optimise queries in collection permission policies using cache on the user object (Sage Abdullah)
 * Phone numbers entered via a link chooser will now have any spaces stripped out, ensuring a valid href="tel:..." attribute (Sahil Jangra)
 * Auto-select the `StreamField` block when only one block type is declared (Sébastien Corbin)
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>

<ul>
<li><a href="https://github.com/wagtail/wagtail/commit/582d4d9720ddb543a7327f6c75db1b7e9ec534e7&quot;&gt;&lt;code&gt;582d4d9&lt;/code&gt;&lt;/a> Version bump to 5.1.3</li>
<li><a href="https://github.com/wagtail/wagtail/commit/b0b70b1a2eda91976f988b2a52ff78436e711cf8&quot;&gt;&lt;code&gt;b0b70b1&lt;/code&gt;&lt;/a> Release note for CVE-2023-45809 in 5.1.3 (and fill in release date)</li>
<li><a href="https://github.com/wagtail/wagtail/commit/aa838f393d34a8b33e6a1811f9e89ec76c811a81&quot;&gt;&lt;code&gt;aa838f3&lt;/code&gt;&lt;/a> Add 5.0.5 release note page</li>
<li><a href="https://github.com/wagtail/wagtail/commit/bc1178853114f6d06c0460fc40dfbda3ae3bb573&quot;&gt;&lt;code&gt;bc11788&lt;/code&gt;&lt;/a> Release note for CVE-2023-45809 in 5.0.5</li>
<li><a href="https://github.com/wagtail/wagtail/commit/c8c313e077e87cc6d68e25860a38997c1f82b3f2&quot;&gt;&lt;code&gt;c8c313e&lt;/code&gt;&lt;/a> Release note for CVE-2023-45809 in 4.1.9</li>
<li><a href="https://github.com/wagtail/wagtail/commit/bc96aed6ac53f998b2f4c4bf97e2d4f5fe337e5b&quot;&gt;&lt;code&gt;bc96aed&lt;/code&gt;&lt;/a> Redirect away from user bulk actions when user has no permissions on users</li>
<li><a href="https://github.com/wagtail/wagtail/commit/190af7887d39ab6a1a2c3c3b389c2d44c121a2b1&quot;&gt;&lt;code&gt;190af78&lt;/code&gt;&lt;/a> Add release notes for <a href="https://redirect.github.com/wagtail/wagtail/issues/11080&quot;&gt;#11080&lt;/a>, <a href="https://redirect.github.com/wagtail/wagtail/issues/11081&quot;&gt;#11081&lt;/a> in v5.1.3</li>
<li><a href="https://github.com/wagtail/wagtail/commit/087d566ef636bcbb366b894d9f3d70c5160504ec&quot;&gt;&lt;code&gt;087d566&lt;/code&gt;&lt;/a> Use the correct action log when creating a redirect</li>
<li><a href="https://github.com/wagtail/wagtail/commit/6595b3dc04880c5fa03ae6d44d042fa324a0972a&quot;&gt;&lt;code&gt;6595b3d&lt;/code&gt;&lt;/a> Docs - Fix typo for migration command in the section under Tag posts</li>
<li><a href="https://github.com/wagtail/wagtail/commit/893143b5abc8116a3d8d692a40437db659b2818f&quot;&gt;&lt;code&gt;893143b&lt;/code&gt;&lt;/a> Fix port number in tutorial</li>
<li>Additional commits viewable in <a href="https://github.com/wagtail/wagtail/compare/v2.15.3...v5.1.3&quot;&gt;compare view</a></li>
</ul>
</details>

<br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 23, 2023
Bumps [wagtail](https://github.com/wagtail/wagtail) from 2.15.3 to 5.1.3.
- [Release notes](https://github.com/wagtail/wagtail/releases)
- [Changelog](https://github.com/wagtail/wagtail/blob/main/CHANGELOG.txt)
- [Commits](wagtail/wagtail@v2.15.3...v5.1.3)

---
updated-dependencies:
- dependency-name: wagtail
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/wagtail-5.1.3 branch from 6592b09 to d9378f4 Compare October 31, 2023 20:27
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 6, 2023

Superseded by #1345.

@dependabot dependabot bot closed this Nov 6, 2023
@dependabot dependabot bot deleted the dependabot/pip/wagtail-5.1.3 branch November 6, 2023 19:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants