All Versions
32
Latest Version
Avg Release Cycle
33 days
Latest Release
2 days ago

Changelog History
Page 1

  • v2.10

    August 11, 2020
    • βž• Added Django 3.1 support (Matt Westcott, Karl Hobley)
    • βœ‚ Removed support for Python 3.5
    • πŸ”§ Implemented configurable moderation workflow (Jacob Topp-Mugglestone, Karl Hobley, Matt Westcott, Dan Braghis)
    • Implemented phrase searching and structured search query expressions (Karl Hobley)
    • βž• Add ability to import redirects from an uploaded file (CSV, TSV, XLS, and XLSX) (Martin SandstrΓΆm)
    • Added webpquality and format-webp-lossless image filters and WAGTAILIMAGES_WEBP_QUALITY setting (Nikolay Lukyanov)
    • 🐳 Reorganised Dockerfile in project template to follow best practices (Tomasz Knapik, Jannik Wempe)
    • βž• Added filtering to locked pages report (Karl Hobley)
    • βž• Adds ability to view a group's users via standalone admin URL and a link to this on the group edit view (Karran Besen)
    • Redirect to previous url when deleting/copying/unpublish a page and modify this url via the relevant hooks (Ascani Carlo)
    • Added next_url keyword argument on register_page_listing_buttons and register_page_listing_more_buttons hooks (Ascani Carlo, Matt Westcott, LB (Ben Johnston))
    • AbstractEmailForm will use SHORT_DATETIME_FORMAT and SHORT_DATE_FORMAT Django settings to format date/time values in email (Haydn Greatnews)
    • πŸ— AbstractEmailForm now has a separate method (render_email) to build up email content on submission emails (Haydn Greatnews)
    • Add pre_page_move and post_page_move signals (Andy Babic)
    • βž• Add ability to sort search promotions on listing page (Chris Ranjana, LB (Ben Johnston))
    • ⬆️ Upgrade internal JS tooling; Node v10, Gulp v4 & Jest v23 (Jim Jazwiecki, Kim LaRocca, Thibaud Colas)
    • Add after_publish_page, before_publish_page, after_unpublish_page & before_unpublish_page hooks (Jonatas Baldin, Coen van der Kamp)
    • βž• Add convenience page_url shortcut to improve how page URLs can be accessed from site settings in Django templates (Andy Babic)
    • πŸ‘‰ Show more granular error messages from Pillow when uploading images (Rick van Hattem)
    • βž• Add ordering to Site object, so that index page and Site switcher will be sorted consistently (Coen van der Kamp, Tim Leguijt)
    • βž• Add Reddit to oEmbed provider list (Luke Hardwick)
    • βž• Add ability to replace the default Wagtail logo in the userbar, via branding_logo block (Meteor0id)
    • βœ‚ Remove sticky footer on small devices, so that content is not blocked and more easily editable (Saeed Tahmasebi)
    • βž• Add alt property to ImageRenditionField api representation (Liam Mullens)
    • βž• Add purge_revisions management command to purge old page revisions (Jacob Topp-Mugglestone, Tom Dyson)
    • Render the Wagtail User Bar on non Page views (Caitlin White, Coen van der Kamp)
    • βž• Add ability to define form_classname on ListBlock & StreamBlock (LB (Ben Johnston))
    • βž• Add documentation about how to use Rustface for image feature detection (Neal Todd)
    • πŸ‘Œ Improve performance of public/not_public queries in PageQuerySet (Timothy Bautista)
    • βž• Add add_redirect static method to Redirect class for programmatic redirect creation (Brylie Christopher Oxley, Lacey Williams Henschel)
    • βž• Add reference documentation for wagtail.contrib.redirects (LB (Ben Johnston))
    • 🚚 bulk_delete page permission is no longer required to move pages, even if those pages have children (Robert Rollins, LB (Ben Johnston))
    • Add after_edit_snippet, after_create_snippet and after_delete_snippet hooks and documentation (Kalob Taulien)
    • πŸ‘Œ Improve performance of empty search results by avoiding downloading the entire search index in these scenarios (Lars van de Kerkhof, Coen van der Kamp)
    • Replace gulp-sass with gulp-dart-sass to improve core development across different platforms (Thibaud Colas)
    • βž• Add SVG icons to resolve accessibility and customisation issues and start using them in a subset of Wagtail's admin (Coen van der Kamp, Scott Cranfill, Thibaud Colas, Dan Braghis)
    • Switch userbar and header H1s to use SVG icons (Coen van der Kamp)
    • βœ‚ Remove markup around rich text rendering by default, provide a way to use old behaviour via wagtail.contrib.legacy.richtext (Coen van der Kamp, Dan Braghis)
    • Apply title length normalisation to improve ranking on PostgreSQL search (Karl Hobley)
    • Add WAGTAIL_TIME_FORMAT setting (Jacob Topp-Mugglestone)
    • Allow omitting the default editor from WAGTAILADMIN_RICH_TEXT_EDITORS (Gassan Gousseinov)
    • Disable password auto-completion on user creation form (Samir Shah)
    • ⬆️ Upgrade jQuery to version 3.5.1 to reduce penetration testing false positives (Matt Westcott)
    • βž• Add ability to extend EditHandler without a children attribute (Seb Brown)
    • Page.objects.specific now gracefully handles pages with missing specific records (Andy Babic)
    • StreamField 'add' buttons are now disabled when maximum count is reached (Max Gabrielsson)
    • πŸ— Use underscores for form builder field names to allow use as template variables (Ashia Zawaduk, LB (Ben Johnston))
    • πŸ— Deprecate use of unidecode within form builder field names (Michael van Tellingen, LB (Ben Johnston))
    • πŸ‘Œ Improve error feedback when editing a page with a missing model class (Andy Babic)
    • πŸ”’ Change Wagtail tabs implementation to only allow slug-formatted tab identifiers, reducing false positives from security audits (Matt Westcott)
    • βž• Add skip link for keyboard users to bypass Wagtail navigation in the admin (Martin Coote)
    • Ensure errors during Postgres search indexing are left uncaught to assist troubleshooting (Karl Hobley)
    • βž• Add ability to edit images and embeds in rich text editor (Maylon Pedroso, Samuel Mendes, Gabriel Peracio)
    • πŸ›  Fix: Support IPv6 domain (Alex Gleason, Coen van der Kamp)
    • πŸ›  Fix: Ensure link to add a new user works when no users are visible in the users list (LB (Ben Johnston))
    • πŸ›  Fix: AbstractEmailForm saved submission fields are now aligned with the email content fields, form.cleaned_data will be used instead of form.fields (Haydn Greatnews)
    • πŸ›  Fix: Removed ARIA role="table" from TableBlock output (Thibaud Colas)
    • πŸ›  Fix: Set Cache-Control header to prevent page preview responses from being cached (Tomas Walch)
    • πŸ›  Fix: Accept unicode characters in slugs on the "copy page" form (FranΓ§ois Poulain)
    • πŸ›  Fix: Remove top padding when FieldRowPanel is used inside a MultiFieldPanel (JΓ©rΓ΄me Lebleu)
    • πŸ›  Fix: Add Wagtail User Bar back to page previews and ensure moderation actions are available (Coen van der Kamp)
    • πŸ›  Fix: Resolve issue where queryset annotations were lost (e.g. .annotate_score()) when using specific models in page query (Dan Bentley)
    • πŸ›  Fix: Prevent date/time picker from losing an hour on losing focus when 12-hour times are in use (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Strip out HTML tags from RichTextField & RichTextBlock search index content (Timothy Bautista)
    • πŸ›  Fix: Avoid using null on string Site.site_name blank values to avoid different values for no name (Coen van der Kamp)
    • πŸ›  Fix: Fix deprecation warnings on Elasticsearch 7 (Yngve HΓΈiseth)
    • πŸ›  Fix: Remove use of Node.forEach for IE 11 compatibility in admin menu items (Thibaud Colas)
    • πŸ›  Fix: Fix incorrect method name in SiteMiddleware deprecation warning (LB (Ben Johnston))
    • πŸ›  Fix: wagtail.contrib.sitemaps no longer depends on SiteMiddleware (Matt Westcott)
    • πŸ›  Fix: Purge image renditions cache when renditions are deleted (Pascal Widdershoven, Matt Westcott)
    • πŸ›  Fix: Image / document forms now display non-field errors such as unique_together constraints (Matt Westcott)
    • πŸ›  Fix: Make "Site" chooser in site settings translateable (Andreas Bernacca)
    • πŸ›  Fix: Add missing dropdown icons to image upload, document upload, and site settings screens (Andreas Bernacca)
    • πŸ›  Fix: Prevent snippets’ bulk delete button from being present for screen reader users when it’s absent for sighted users (LB (Ben Johnston))
    • πŸ›  Fix: Fix group permission checkboxes not being clickable in IE11 (LB (Ben Johnston))
  • v2.10.rc2

    July 31, 2020

    πŸ›  Fixes from 2.10rc1:

    • βž• Add missing SVG icons for optional rich text features (Dan Braghis)
    • πŸ›  Fix has_changed detection on StreamField, to allow non-linear workflows to continue working (Jacob Topp-Mugglestone)
    • πŸ— Restore ability to import SubmissionsListView into models.py files for use in form builder (Matt Westcott)
  • v2.10.rc1

    July 27, 2020
    • βœ‚ Removed support for Python 3.5
    • πŸ”§ Implemented configurable moderation workflow (Jacob Topp-Mugglestone, Karl Hobley, Matt Westcott, Dan Braghis)
    • Implemented phrase searching and structured search query expressions (Karl Hobley)
    • βž• Add ability to import redirects from an uploaded file (CSV, TSV, XLS, and XLSX) (Martin SandstrΓΆm)
    • Added webpquality and format-webp-lossless image filters and WAGTAILIMAGES_WEBP_QUALITY setting (Nikolay Lukyanov)
    • 🐳 Reorganised Dockerfile in project template to follow best practices (Tomasz Knapik, Jannik Wempe)
    • βž• Added filtering to locked pages report (Karl Hobley)
    • βž• Adds ability to view a group's users via standalone admin URL and a link to this on the group edit view (Karran Besen)
    • Redirect to previous url when deleting/copying/unpublish a page and modify this url via the relevant hooks (Ascani Carlo)
    • Added next_url keyword argument on register_page_listing_buttons and register_page_listing_more_buttons hooks (Ascani Carlo, Matt Westcott, LB (Ben Johnston))
    • AbstractEmailForm will use SHORT_DATETIME_FORMAT and SHORT_DATE_FORMAT Django settings to format date/time values in email (Haydn Greatnews)
    • πŸ— AbstractEmailForm now has a separate method (render_email) to build up email content on submission emails (Haydn Greatnews)
    • Add pre_page_move and post_page_move signals (Andy Babic)
    • βž• Add ability to sort search promotions on listing page (Chris Ranjana, LB (Ben Johnston))
    • ⬆️ Upgrade internal JS tooling; Node v10, Gulp v4 & Jest v23 (Jim Jazwiecki, Kim LaRocca, Thibaud Colas)
    • Add after_publish_page, before_publish_page, after_unpublish_page & before_unpublish_page hooks (Jonatas Baldin, Coen van der Kamp)
    • βž• Add convenience page_url shortcut to improve how page URLs can be accessed from site settings in Django templates (Andy Babic)
    • πŸ‘‰ Show more granular error messages from Pillow when uploading images (Rick van Hattem)
    • βž• Add ordering to Site object, so that index page and Site switcher will be sorted consistently (Coen van der Kamp, Tim Leguijt)
    • βž• Add Reddit to oEmbed provider list (Luke Hardwick)
    • βž• Add ability to replace the default Wagtail logo in the userbar, via branding_logo block (Meteor0id)
    • βœ‚ Remove sticky footer on small devices, so that content is not blocked and more easily editable (Saeed Tahmasebi)
    • βž• Add alt property to ImageRenditionField api representation (Liam Mullens)
    • βž• Add purge_revisions management command to purge old page revisions (Jacob Topp-Mugglestone, Tom Dyson)
    • Render the Wagtail User Bar on non Page views (Caitlin White, Coen van der Kamp)
    • βž• Add ability to define form_classname on ListBlock & StreamBlock (LB (Ben Johnston))
    • βž• Add documentation about how to use Rustface for image feature detection (Neal Todd)
    • πŸ‘Œ Improve performance of public/not_public queries in PageQuerySet (Timothy Bautista)
    • βž• Add add_redirect static method to Redirect class for programmatic redirect creation (Brylie Christopher Oxley, Lacey Williams Henschel)
    • βž• Add reference documentation for wagtail.contrib.redirects (LB (Ben Johnston))
    • 🚚 bulk_delete page permission is no longer required to move pages, even if those pages have children (Robert Rollins, LB (Ben Johnston))
    • Add after_edit_snippet, after_create_snippet and after_delete_snippet hooks and documentation (Kalob Taulien)
    • πŸ‘Œ Improve performance of empty search results by avoiding downloading the entire search index in these scenarios (Lars van de Kerkhof, Coen van der Kamp)
    • Replace gulp-sass with gulp-dart-sass to improve core development across different platforms (Thibaud Colas)
    • βž• Add SVG icons to resolve accessibility and customisation issues and start using them in a subset of Wagtail's admin (Coen van der Kamp, Scott Cranfill, Thibaud Colas, Dan Braghis)
    • Switch userbar and header H1s to use SVG icons (Coen van der Kamp)
    • βœ‚ Remove markup around rich text rendering by default, provide a way to use old behaviour via wagtail.contrib.legacy.richtext (Coen van der Kamp, Dan Braghis)
    • Apply title length normalisation to improve ranking on PostgreSQL search (Karl Hobley)
    • Add WAGTAIL_TIME_FORMAT setting (Jacob Topp-Mugglestone)
    • Allow omitting the default editor from WAGTAILADMIN_RICH_TEXT_EDITORS (Gassan Gousseinov)
    • Disable password auto-completion on user creation form (Samir Shah)
    • ⬆️ Upgrade jQuery to version 3.5.1 to reduce penetration testing false positives (Matt Westcott)
    • βž• Add ability to extend EditHandler without a children attribute (Seb Brown)
    • Page.objects.specific now gracefully handles pages with missing specific records (Andy Babic)
    • StreamField 'add' buttons are now disabled when maximum count is reached (Max Gabrielsson)
    • πŸ— Use underscores for form builder field names to allow use as template variables (Ashia Zawaduk, LB (Ben Johnston))
    • πŸ— Deprecate use of unidecode within form builder field names (Michael van Tellingen, LB (Ben Johnston))
    • πŸ‘Œ Improve error feedback when editing a page with a missing model class (Andy Babic)
    • πŸ”’ Change Wagtail tabs implementation to only allow slug-formatted tab identifiers, reducing false positives from security audits (Matt Westcott)
    • βž• Add skip link for keyboard users to bypass Wagtail navigation in the admin (Martin Coote)
    • Ensure errors during Postgres search indexing are left uncaught to assist troubleshooting (Karl Hobley)
    • βž• Add ability to edit images and embeds in rich text editor (Maylon Pedroso, Samuel Mendes, Gabriel Peracio)
    • πŸ›  Fix: Support IPv6 domain (Alex Gleason, Coen van der Kamp)
    • πŸ›  Fix: Ensure link to add a new user works when no users are visible in the users list (LB (Ben Johnston))
    • πŸ›  Fix: AbstractEmailForm saved submission fields are now aligned with the email content fields, form.cleaned_data will be used instead of form.fields (Haydn Greatnews)
    • πŸ›  Fix: Removed ARIA role="table" from TableBlock output (Thibaud Colas)
    • πŸ›  Fix: Set Cache-Control header to prevent page preview responses from being cached (Tomas Walch)
    • πŸ›  Fix: Accept unicode characters in slugs on the "copy page" form (FranΓ§ois Poulain)
    • πŸ›  Fix: Remove top padding when FieldRowPanel is used inside a MultiFieldPanel (JΓ©rΓ΄me Lebleu)
    • πŸ›  Fix: Add Wagtail User Bar back to page previews and ensure moderation actions are available (Coen van der Kamp)
    • πŸ›  Fix: Resolve issue where queryset annotations were lost (e.g. .annotate_score()) when using specific models in page query (Dan Bentley)
    • πŸ›  Fix: Prevent date/time picker from losing an hour on losing focus when 12-hour times are in use (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Strip out HTML tags from RichTextField & RichTextBlock search index content (Timothy Bautista)
    • πŸ›  Fix: Avoid using null on string Site.site_name blank values to avoid different values for no name (Coen van der Kamp)
    • πŸ›  Fix: Fix deprecation warnings on Elasticsearch 7 (Yngve HΓΈiseth)
    • πŸ›  Fix: Remove use of Node.forEach for IE 11 compatibility in admin menu items (Thibaud Colas)
    • πŸ›  Fix: Fix incorrect method name in SiteMiddleware deprecation warning (LB (Ben Johnston))
    • πŸ›  Fix: wagtail.contrib.sitemaps no longer depends on SiteMiddleware (Matt Westcott)
    • πŸ›  Fix: Purge image renditions cache when renditions are deleted (Pascal Widdershoven, Matt Westcott)
    • πŸ›  Fix: Image / document forms now display non-field errors such as unique_together constraints (Matt Westcott)
    • πŸ›  Fix: Make "Site" chooser in site settings translateable (Andreas Bernacca)
    • πŸ›  Fix: Add missing dropdown icons to image upload, document upload, and site settings screens (Andreas Bernacca)
    • πŸ›  Fix: Prevent snippets’ bulk delete button from being present for screen reader users when it’s absent for sighted users (LB (Ben Johnston))
    • πŸ›  Fix: Fix group permission checkboxes not being clickable in IE11 (LB (Ben Johnston))
  • v2.9.3

    July 20, 2020

    CVE-2020-15118 - prevent HTML injection through form field help text (Timothy Bautista, Matt Westcott)

  • v2.9.2

    July 03, 2020
    • πŸ›  Fix: Prevent startup failure when wagtail.contrib.sitemaps is in INSTALLED_APPS (Matt Westcott)
  • v2.9.1

    June 30, 2020
    • πŸ›  Fix: Fix incorrect method name in SiteMiddleware deprecation warning (LB (Ben Johnston))
    • πŸ›  Fix: wagtail.contrib.sitemaps no longer depends on SiteMiddleware (Matt Westcott)
    • πŸ›  Fix: Purge image renditions cache when renditions are deleted (Pascal Widdershoven, Matt Westcott)
  • v2.9

    May 04, 2020
    • βœ‚ Removed support for Django 2.1
    • βž• Added data exports in XLSX and CSV format for reports, ModelAdmin and form submissions (Jacob Topp-Mugglestone)
    • βž• Added support for creating custom reports (Jacob Topp-Mugglestone)
    • Skip page validation when unpublishing a page (Samir Shah)
    • βž• Added MultipleChoiceBlock block type for StreamField (James O'Toole)
    • ChoiceBlock now accepts a widget keyword argument (James O'Toole)
    • ⬇️ Reduced contrast of rich text toolbar (Jack Paine)
    • πŸ‘Œ Support the rel attribute on custom ModelAdmin buttons (Andy Chosak)
    • πŸ‘ Server-side page slug generation now respects WAGTAIL_ALLOW_UNICODE_SLUGS (Arkadiusz MichaΕ‚ RyΕ›)
    • Wagtail admin no longer depends on SiteMiddleware, avoiding incompatibility with Django sites framework and redundant database queries (aritas1, timmysmalls, Matt Westcott)
    • 🏷 Tag field autocompletion now handles custom tag models (Matt Westcott)
    • wagtail_serve URL route can now be omitted for headless sites (Storm Heg)
    • πŸ‘ Allow free tagging to be disabled on custom tag models (Matt Westcott)
    • πŸ‘ Allow disabling page preview by setting preview_modes to an empty list (Casper Timmers)
    • βž• Add Vidyard to oEmbed provider list (Steve Lyall)
    • Optimise compiling media definitions for complex StreamBlocks (pimarc)
    • FieldPanel now accepts a 'heading' argument (Jacob Topp-Mugglestone)
    • πŸ—„ Replaced deprecated ugettext / ungettext calls with gettext / ngettext (Mohamed Feddad)
    • ListBlocks now call child block bulk_to_python if defined (Andy Chosak)
    • Site settings are now identifiable/cachable by request as well as site (Andy Babic)
    • βž• Added select_related attribute to site settings to enable more efficient fetching of foreign key values (Andy Babic)
    • βž• Add caching of image renditions (Tom Dyson, Tim Kamanin)
    • βž• Add documentation for reporting security issues and internationalisation (Matt Westcott)
    • Fields on a custom image model can now be defined as required blank=False (Matt Westcott)
    • πŸ›  Fix: CVE-2020-11037 - avoid potential timing attack on password-protected private pages (Thibaud Colas)
    • πŸ›  Fix: Added ARIA alert role to live search forms in the admin (Casper Timmers)
    • πŸ›  Fix: Reorder login form elements to match expected tab order (Kjartan Sverrisson)
    • πŸ›  Fix: Re-add 'Close Explorer' button on mobile viewports (SΓ¦var Γ–fjΓΆrΓ° MagnΓΊsson)
    • πŸ›  Fix: Add a more descriptive label to Password reset link for screen reader users (Casper Timmers, Martin Coote)
    • πŸ›  Fix: Improve Wagtail logo contrast by adding a background (Brian Edelman, Simon Evans, Ben Enright)
    • πŸ›  Fix: Prevent duplicate notification messages on page locking (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fix InlinePanel item non field errors not visible (Storm Heg)
    • πŸ›  Fix: {% image ... as var %} now clears the context variable when passed None as an image (Maylon Pedroso)
    • πŸ›  Fix: refresh_index method on Elasticsearch no longer fails (Lars van de Kerkhof)
    • πŸ›  Fix: Document tags no longer fail to update when replacing the document file at the same time (Matt Westcott)
    • πŸ›  Fix: Prevent error from very tall / wide images being resized to 0 pixels (Fidel Ramos)
    • πŸ›  Fix: Remove excess margin when editing snippets (Quadric)
    • πŸ›  Fix: Added scope attribute to table headers in TableBlock output (Quadric)
    • πŸ›  Fix: Prevent KeyError when accessing a StreamField on a deferred queryset (Paulo Alvarado)
    • πŸ›  Fix: Hide empty 'view live' links (Karran Besen)
    • πŸ›  Fix: Mark up a few strings for translation (Luiz Boaretto)
    • πŸ›  Fix: Invalid focal_point attribute on image edit view (MichaΕ‚ (Quadric) Sieradzki)
    • πŸ›  Fix: No longer expose the .delete() method on the default Page.objects manager (Nick Smith)
    • Fix: exclude_fields_in_copy on Page models will now work for for modelcluster parental / many to many relations (LB (Ben Johnston))
    • πŸ›  Fix: Response header (content disposition) now correctly handles filenames with non-ascii characters when using a storage backend (Rich Brennan)
    • πŸ›  Fix: Improved accessibility fixes for main, header and footer elements in the admin page layout (Mitchel Cabuloy)
    • πŸ›  Fix: Prevent version number from obscuring long settings menus (Naomi Morduch Toubman)
    • πŸ›  Fix: Admin views using TemplateResponse now respect the user's language setting (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fixed incorrect language code for Japanese in language setting dropdown (Tomonori Tanabe)
  • v2.9.rc1

    April 21, 2020
    • βœ‚ Removed support for Django 2.1
    • βž• Added data exports in XLSX and CSV format for reports, ModelAdmin and form submissions (Jacob Topp-Mugglestone)
    • βž• Added support for creating custom reports (Jacob Topp-Mugglestone)
    • Skip page validation when unpublishing a page (Samir Shah)
    • βž• Added MultipleChoiceBlock block type for StreamField (James O'Toole)
    • ChoiceBlock now accepts a widget keyword argument (James O'Toole)
    • ⬇️ Reduced contrast of rich text toolbar (Jack Paine)
    • πŸ‘Œ Support the rel attribute on custom ModelAdmin buttons (Andy Chosak)
    • πŸ‘ Server-side page slug generation now respects WAGTAIL_ALLOW_UNICODE_SLUGS (Arkadiusz MichaΕ‚ RyΕ›)
    • Wagtail admin no longer depends on SiteMiddleware, avoiding incompatibility with Django sites framework and redundant database queries (aritas1, timmysmalls, Matt Westcott)
    • 🏷 Tag field autocompletion now handles custom tag models (Matt Westcott)
    • wagtail_serve URL route can now be omitted for headless sites (Storm Heg)
    • πŸ‘ Allow free tagging to be disabled on custom tag models (Matt Westcott)
    • πŸ‘ Allow disabling page preview by setting preview_modes to an empty list (Casper Timmers)
    • βž• Add Vidyard to oEmbed provider list (Steve Lyall)
    • Optimise compiling media definitions for complex StreamBlocks (pimarc)
    • FieldPanel now accepts a 'heading' argument (Jacob Topp-Mugglestone)
    • πŸ—„ Replaced deprecated ugettext / ungettext calls with gettext / ngettext (Mohamed Feddad)
    • ListBlocks now call child block bulk_to_python if defined (Andy Chosak)
    • Site settings are now identifiable/cachable by request as well as site (Andy Babic)
    • βž• Added select_related attribute to site settings to enable more efficient fetching of foreign key values (Andy Babic)
    • βž• Add caching of image renditions (Tom Dyson, Tim Kamanin)
    • βž• Add documentation for reporting security issues and internationalisation (Matt Westcott)
    • Fields on a custom image model can now be defined as required blank=False (Matt Westcott)
    • πŸ›  Fix: Added ARIA alert role to live search forms in the admin (Casper Timmers)
    • πŸ›  Fix: Reorder login form elements to match expected tab order (Kjartan Sverrisson)
    • πŸ›  Fix: Re-add 'Close Explorer' button on mobile viewports (SΓ¦var Γ–fjΓΆrΓ° MagnΓΊsson)
    • πŸ›  Fix: Add a more descriptive label to Password reset link for screen reader users (Casper Timmers, Martin Coote)
    • πŸ›  Fix: Improve Wagtail logo contrast by adding a background (Brian Edelman, Simon Evans, Ben Enright)
    • πŸ›  Fix: Prevent duplicate notification messages on page locking (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fix InlinePanel item non field errors not visible (Storm Heg)
    • πŸ›  Fix: {% image ... as var %} now clears the context variable when passed None as an image (Maylon Pedroso)
    • πŸ›  Fix: refresh_index method on Elasticsearch no longer fails (Lars van de Kerkhof)
    • πŸ›  Fix: Document tags no longer fail to update when replacing the document file at the same time (Matt Westcott)
    • πŸ›  Fix: Prevent error from very tall / wide images being resized to 0 pixels (Fidel Ramos)
    • πŸ›  Fix: Remove excess margin when editing snippets (Quadric)
    • πŸ›  Fix: Added scope attribute to table headers in TableBlock output (Quadric)
    • πŸ›  Fix: Prevent KeyError when accessing a StreamField on a deferred queryset (Paulo Alvarado)
    • πŸ›  Fix: Hide empty 'view live' links (Karran Besen)
    • πŸ›  Fix: Mark up a few strings for translation (Luiz Boaretto)
    • πŸ›  Fix: Invalid focal_point attribute on image edit view (MichaΕ‚ (Quadric) Sieradzki)
    • πŸ›  Fix: No longer expose the .delete() method on the default Page.objects manager (Nick Smith)
    • Fix: exclude_fields_in_copy on Page models will now work for for modelcluster parental / many to many relations (LB (Ben Johnston))
    • πŸ›  Fix: Response header (content disposition) now correctly handles filenames with non-ascii characters when using a storage backend (Rich Brennan)
    • πŸ›  Fix: Improved accessibility fixes for main, header and footer elements in the admin page layout (Mitchel Cabuloy)
    • πŸ›  Fix: Prevent version number from obscuring long settings menus (Naomi Morduch Toubman)
    • πŸ›  Fix: Admin views using TemplateResponse now respect the user's language setting (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fixed incorrect language code for Japanese in language setting dropdown (Tomonori Tanabe)
  • v2.8.2

    May 04, 2020

    CVE-2020-11037 - avoid potential timing attack on password-protected private pages (Thibaud Colas)

  • v2.8.1

    April 14, 2020

    CVE-2020-11001 - prevent XSS attack via page revision comparison view (Vlad Gerasimenko, Matt Westcott)