Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: django-commons/django-debug-toolbar
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: django-commons/django-debug-toolbar
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.11.x
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 1 commit
  • 26 files changed
  • 1 contributor

Commits on Apr 14, 2021

  1. Merge pull request from GHSA-pghf-347x-c2gj 

    * Changes required to support v1.11.x branch

Pin requirements to work with python2.7.

Style corrections to get tox to pass.

Pinning requirements for tox.

Setup github test action for v1.X branch

Convert to current tox file.

Update requirements.

Django requires session middleware now.

Remove python3.4 from github actions. It's not supported.

Remove docs from tox.

Support PostgresJSON test.

Format code according to black and isort.

Skip tests that are invalid for old versions.

* Fix CVE-2021-30459 by creating signature from all data fields.

Backport of 1c6ba3c1302bf545f8356dcd26255ab7db1ec408

Create a signature based on all fields in the form and attach
to validate that the data being sent back is what the server
generated initially.

Force the values to a string for signing.

Remove hashing mechanism from forms.

* Bump to version 1.11.1
    @tim-schilling
    tim-schilling authored Apr 14, 2021
    Configuration menu
    Copy the full SHA
    bc08f69 View commit details
    Browse the repository at this point in the history
Loading