All Versions
39
Latest Version
Avg Release Cycle
30 days
Latest Release
190 days ago

Changelog History
Page 2

  • v2.9.3 Changes

    July 20, 2020

    CVE-2020-15118 - prevent HTML injection through form field help text (Timothy Bautista, Matt Westcott)

  • v2.9.2 Changes

    July 03, 2020
    • πŸ›  Fix: Prevent startup failure when wagtail.contrib.sitemaps is in INSTALLED_APPS (Matt Westcott)
  • v2.9.1 Changes

    June 30, 2020
    • πŸ›  Fix: Fix incorrect method name in SiteMiddleware deprecation warning (LB (Ben Johnston))
    • πŸ›  Fix: wagtail.contrib.sitemaps no longer depends on SiteMiddleware (Matt Westcott)
    • πŸ›  Fix: Purge image renditions cache when renditions are deleted (Pascal Widdershoven, Matt Westcott)
  • v2.9 Changes

    May 04, 2020
    • βœ‚ Removed support for Django 2.1
    • βž• Added data exports in XLSX and CSV format for reports, ModelAdmin and form submissions (Jacob Topp-Mugglestone)
    • βž• Added support for creating custom reports (Jacob Topp-Mugglestone)
    • Skip page validation when unpublishing a page (Samir Shah)
    • βž• Added MultipleChoiceBlock block type for StreamField (James O'Toole)
    • ChoiceBlock now accepts a widget keyword argument (James O'Toole)
    • ⬇️ Reduced contrast of rich text toolbar (Jack Paine)
    • πŸ‘Œ Support the rel attribute on custom ModelAdmin buttons (Andy Chosak)
    • πŸ‘ Server-side page slug generation now respects WAGTAIL_ALLOW_UNICODE_SLUGS (Arkadiusz MichaΕ‚ RyΕ›)
    • Wagtail admin no longer depends on SiteMiddleware, avoiding incompatibility with Django sites framework and redundant database queries (aritas1, timmysmalls, Matt Westcott)
    • 🏷 Tag field autocompletion now handles custom tag models (Matt Westcott)
    • wagtail_serve URL route can now be omitted for headless sites (Storm Heg)
    • πŸ‘ Allow free tagging to be disabled on custom tag models (Matt Westcott)
    • πŸ‘ Allow disabling page preview by setting preview_modes to an empty list (Casper Timmers)
    • βž• Add Vidyard to oEmbed provider list (Steve Lyall)
    • Optimise compiling media definitions for complex StreamBlocks (pimarc)
    • FieldPanel now accepts a 'heading' argument (Jacob Topp-Mugglestone)
    • πŸ—„ Replaced deprecated ugettext / ungettext calls with gettext / ngettext (Mohamed Feddad)
    • ListBlocks now call child block bulk_to_python if defined (Andy Chosak)
    • Site settings are now identifiable/cachable by request as well as site (Andy Babic)
    • βž• Added select_related attribute to site settings to enable more efficient fetching of foreign key values (Andy Babic)
    • βž• Add caching of image renditions (Tom Dyson, Tim Kamanin)
    • βž• Add documentation for reporting security issues and internationalisation (Matt Westcott)
    • Fields on a custom image model can now be defined as required blank=False (Matt Westcott)
    • πŸ›  Fix: CVE-2020-11037 - avoid potential timing attack on password-protected private pages (Thibaud Colas)
    • πŸ›  Fix: Added ARIA alert role to live search forms in the admin (Casper Timmers)
    • πŸ›  Fix: Reorder login form elements to match expected tab order (Kjartan Sverrisson)
    • πŸ›  Fix: Re-add 'Close Explorer' button on mobile viewports (SΓ¦var Γ–fjΓΆrΓ° MagnΓΊsson)
    • πŸ›  Fix: Add a more descriptive label to Password reset link for screen reader users (Casper Timmers, Martin Coote)
    • πŸ›  Fix: Improve Wagtail logo contrast by adding a background (Brian Edelman, Simon Evans, Ben Enright)
    • πŸ›  Fix: Prevent duplicate notification messages on page locking (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fix InlinePanel item non field errors not visible (Storm Heg)
    • πŸ›  Fix: {% image ... as var %} now clears the context variable when passed None as an image (Maylon Pedroso)
    • πŸ›  Fix: refresh_index method on Elasticsearch no longer fails (Lars van de Kerkhof)
    • πŸ›  Fix: Document tags no longer fail to update when replacing the document file at the same time (Matt Westcott)
    • πŸ›  Fix: Prevent error from very tall / wide images being resized to 0 pixels (Fidel Ramos)
    • πŸ›  Fix: Remove excess margin when editing snippets (Quadric)
    • πŸ›  Fix: Added scope attribute to table headers in TableBlock output (Quadric)
    • πŸ›  Fix: Prevent KeyError when accessing a StreamField on a deferred queryset (Paulo Alvarado)
    • πŸ›  Fix: Hide empty 'view live' links (Karran Besen)
    • πŸ›  Fix: Mark up a few strings for translation (Luiz Boaretto)
    • πŸ›  Fix: Invalid focal_point attribute on image edit view (MichaΕ‚ (Quadric) Sieradzki)
    • πŸ›  Fix: No longer expose the .delete() method on the default Page.objects manager (Nick Smith)
    • Fix: exclude_fields_in_copy on Page models will now work for for modelcluster parental / many to many relations (LB (Ben Johnston))
    • πŸ›  Fix: Response header (content disposition) now correctly handles filenames with non-ascii characters when using a storage backend (Rich Brennan)
    • πŸ›  Fix: Improved accessibility fixes for main, header and footer elements in the admin page layout (Mitchel Cabuloy)
    • πŸ›  Fix: Prevent version number from obscuring long settings menus (Naomi Morduch Toubman)
    • πŸ›  Fix: Admin views using TemplateResponse now respect the user's language setting (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fixed incorrect language code for Japanese in language setting dropdown (Tomonori Tanabe)
  • v2.9.rc1 Changes

    April 21, 2020
    • βœ‚ Removed support for Django 2.1
    • βž• Added data exports in XLSX and CSV format for reports, ModelAdmin and form submissions (Jacob Topp-Mugglestone)
    • βž• Added support for creating custom reports (Jacob Topp-Mugglestone)
    • Skip page validation when unpublishing a page (Samir Shah)
    • βž• Added MultipleChoiceBlock block type for StreamField (James O'Toole)
    • ChoiceBlock now accepts a widget keyword argument (James O'Toole)
    • ⬇️ Reduced contrast of rich text toolbar (Jack Paine)
    • πŸ‘Œ Support the rel attribute on custom ModelAdmin buttons (Andy Chosak)
    • πŸ‘ Server-side page slug generation now respects WAGTAIL_ALLOW_UNICODE_SLUGS (Arkadiusz MichaΕ‚ RyΕ›)
    • Wagtail admin no longer depends on SiteMiddleware, avoiding incompatibility with Django sites framework and redundant database queries (aritas1, timmysmalls, Matt Westcott)
    • 🏷 Tag field autocompletion now handles custom tag models (Matt Westcott)
    • wagtail_serve URL route can now be omitted for headless sites (Storm Heg)
    • πŸ‘ Allow free tagging to be disabled on custom tag models (Matt Westcott)
    • πŸ‘ Allow disabling page preview by setting preview_modes to an empty list (Casper Timmers)
    • βž• Add Vidyard to oEmbed provider list (Steve Lyall)
    • Optimise compiling media definitions for complex StreamBlocks (pimarc)
    • FieldPanel now accepts a 'heading' argument (Jacob Topp-Mugglestone)
    • πŸ—„ Replaced deprecated ugettext / ungettext calls with gettext / ngettext (Mohamed Feddad)
    • ListBlocks now call child block bulk_to_python if defined (Andy Chosak)
    • Site settings are now identifiable/cachable by request as well as site (Andy Babic)
    • βž• Added select_related attribute to site settings to enable more efficient fetching of foreign key values (Andy Babic)
    • βž• Add caching of image renditions (Tom Dyson, Tim Kamanin)
    • βž• Add documentation for reporting security issues and internationalisation (Matt Westcott)
    • Fields on a custom image model can now be defined as required blank=False (Matt Westcott)
    • πŸ›  Fix: Added ARIA alert role to live search forms in the admin (Casper Timmers)
    • πŸ›  Fix: Reorder login form elements to match expected tab order (Kjartan Sverrisson)
    • πŸ›  Fix: Re-add 'Close Explorer' button on mobile viewports (SΓ¦var Γ–fjΓΆrΓ° MagnΓΊsson)
    • πŸ›  Fix: Add a more descriptive label to Password reset link for screen reader users (Casper Timmers, Martin Coote)
    • πŸ›  Fix: Improve Wagtail logo contrast by adding a background (Brian Edelman, Simon Evans, Ben Enright)
    • πŸ›  Fix: Prevent duplicate notification messages on page locking (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fix InlinePanel item non field errors not visible (Storm Heg)
    • πŸ›  Fix: {% image ... as var %} now clears the context variable when passed None as an image (Maylon Pedroso)
    • πŸ›  Fix: refresh_index method on Elasticsearch no longer fails (Lars van de Kerkhof)
    • πŸ›  Fix: Document tags no longer fail to update when replacing the document file at the same time (Matt Westcott)
    • πŸ›  Fix: Prevent error from very tall / wide images being resized to 0 pixels (Fidel Ramos)
    • πŸ›  Fix: Remove excess margin when editing snippets (Quadric)
    • πŸ›  Fix: Added scope attribute to table headers in TableBlock output (Quadric)
    • πŸ›  Fix: Prevent KeyError when accessing a StreamField on a deferred queryset (Paulo Alvarado)
    • πŸ›  Fix: Hide empty 'view live' links (Karran Besen)
    • πŸ›  Fix: Mark up a few strings for translation (Luiz Boaretto)
    • πŸ›  Fix: Invalid focal_point attribute on image edit view (MichaΕ‚ (Quadric) Sieradzki)
    • πŸ›  Fix: No longer expose the .delete() method on the default Page.objects manager (Nick Smith)
    • Fix: exclude_fields_in_copy on Page models will now work for for modelcluster parental / many to many relations (LB (Ben Johnston))
    • πŸ›  Fix: Response header (content disposition) now correctly handles filenames with non-ascii characters when using a storage backend (Rich Brennan)
    • πŸ›  Fix: Improved accessibility fixes for main, header and footer elements in the admin page layout (Mitchel Cabuloy)
    • πŸ›  Fix: Prevent version number from obscuring long settings menus (Naomi Morduch Toubman)
    • πŸ›  Fix: Admin views using TemplateResponse now respect the user's language setting (Jacob Topp-Mugglestone)
    • πŸ›  Fix: Fixed incorrect language code for Japanese in language setting dropdown (Tomonori Tanabe)
  • v2.8.2 Changes

    May 04, 2020

    CVE-2020-11037 - avoid potential timing attack on password-protected private pages (Thibaud Colas)

  • v2.8.1 Changes

    April 14, 2020

    CVE-2020-11001 - prevent XSS attack via page revision comparison view (Vlad Gerasimenko, Matt Westcott)

  • v2.8 Changes

    February 03, 2020
    • πŸ‘ Django 3.0 support (Matt Westcott, Mads Jensen)
    • πŸ‘Œ Improved page locking to give editors exclusive edit access (Karl Hobley, Jacob Topp-Mugglestone)
    • βœ‚ Removed support for Django 2.0
    • βœ‚ Removed leftover Python 2.x compatibility code (Sergey Fedoseev)
    • πŸ‘€ Combine flake8 configurations (Sergey Fedoseev)
    • πŸ‘Œ Improve diffing behavior for text fields (Aliosha Padovani)
    • πŸ‘Œ Improve contrast of disabled inputs (Nick Smith)
    • Added get_document_model_string function (Andrey Smirnov)
    • βž• Added support for Cloudflare API tokens for frontend cache invalidation (Tom Usher)
    • Cloudflare frontend cache invalidation requests are now sent in chunks of 30 to fit within API limits (Tom Usher)
    • βž• Added ancestors field to the pages endpoint in admin API (Karl Hobley)
    • βœ‚ Removed Django admin management of Page & Site models (Andreas Bernacca)
    • πŸ“š Cleaned up Django docs URLs in documentation (Pete Andrew)
    • βž• Add StreamFieldPanel to available panel types in documentation (Dan Swain)
    • βž• Add {{ block.super }} example to ModelAdmin customisation in documentation (Dan Swain)
    • βž• Add ability to filter image index by a tag (Benedikt Willi)
    • βž• Add partial experimental support for nested InlinePanels (Matt Westcott, Sam Costigan, Andy Chosak, Scott Cranfill)
    • βž• Added cache control headers when serving documents (Johannes Vogel)
    • Use sensitive_post_parameters on password reset form (Dan Braghis)
    • πŸ“± Add WAGTAILEMBEDS_RESPONSIVE_HTML setting to remove automatic addition of responsive-object around embeds (Kalob Taulien)
    • πŸ›  Fix: Rename documents listing column 'uploaded' to 'created' (LB (Ben Johnston))
    • πŸ›  Fix: Unbundle the l18n library as it was bundled to avoid installation errors which have been resolved (Matt Westcott)
    • πŸ›  Fix: Prevent error when comparing pages that reference a model with a custom primary key (Fidel Ramos)
    • Fix: Moved get_document_model location so it can be imported when Models are not yet loaded (Andrey Smirnov)
    • πŸ›  Fix: Use correct HTML escaping of Jinja2 form templates for StructBlocks (Brady Moe)
    • Fix: All templates with wagtailsettings and modeladmin now use block.super for extra_js & extra_css (Timothy Bautista)
    • πŸ›  Fix: Layout issue when using FieldRowPanel with a heading (Andreas Bernacca)
    • Fix: file_size and file_hash now updated when Document file changed (Andreas Bernacca)
    • πŸ›  Fix: Fixed order of URLs in project template so that static / media URLs are not blocked (Nick Smith)
    • Fix: Added verbose_name_plural to form submission model (Janneke Janssen)
    • πŸ›  Fix: Prevent update_index failures and incorrect front-end rendering on blank TableBlock (Carlo Ascani)
    • πŸ›  Fix: Dropdown initialisation on the search page after AJAX call (Eric Sherman)
    • πŸ›  Fix: Make sure all modal chooser search results correspond to the latest search by canceling previous requests (Esper Kuijs)
  • v2.8.rc1 Changes

    January 20, 2020
    • πŸ‘ Django 3.0 support (Matt Westcott, Mads Jensen)
    • πŸ‘Œ Improved page locking to give editors exclusive edit access (Karl Hobley, Jacob Topp-Mugglestone)
    • βœ‚ Removed support for Django 2.0
    • βœ‚ Removed leftover Python 2.x compatibility code (Sergey Fedoseev)
    • πŸ‘€ Combine flake8 configurations (Sergey Fedoseev)
    • πŸ‘Œ Improved diffing behavior for text fields (Aliosha Padovani)
    • πŸ‘Œ Improve contrast of disabled inputs (Nick Smith)
    • Added get_document_model_string function (Andrey Smirnov)
    • βž• Added support for Cloudflare API tokens for frontend cache invalidation (Tom Usher)
    • Cloudflare frontend cache invalidation requests are now sent in chunks of 30 to fit within API limits (Tom Usher)
    • βž• Added ancestors field to pages endpoint in admin API (Karl Hobley)
    • βœ‚ Removed Django admin management of Page & Site models (Andreas Bernacca)
    • πŸ“š Cleaned up Django docs URLs in documentation (Pete Andrew)
    • βž• Add StreamFieldPanel to available panel types in documentation (Dan Swain)
    • βž• Add {{ block.super }} example to ModelAdmin customisation in documentation (Dan Swain)
    • βž• Add ability to filter image index by a tag (Benedikt Willi)
    • βž• Add partial experimental support for nested InlinePanels (Matt Westcott, Sam Costigan, Andy Chosak, Scott Cranfill)
    • βž• Added cache control headers when serving documents (Johannes Vogel)
    • Use sensitive_post_parameters on password reset form (Dan Braghis)
    • πŸ“± Add WAGTAILEMBEDS_RESPONSIVE_HTML setting to remove automatic addition of responsive-object around embeds (Kalob Taulien)
    • πŸ›  Fix: Rename documents listing column 'uploaded' to 'created' (LB (Ben Johnston))
    • πŸ›  Fix: Unbundle the l18n library as it was bundled to avoid installation errors which have been resolved (Matt Westcott)
    • πŸ›  Fix: Prevent error when comparing pages that reference a model with a custom primary key (Fidel Ramos)
    • Fix: Moved get_document_model location so it can be imported when Models are not yet loaded (Andrey Smirnov)
    • πŸ›  Fix: Fixed incorrect HTML escaping of Jinja2 form templates for StructBlocks (Brady Moe)
    • Fix: All templates with wagtailsettings and modeladmin now use block.super for extra_js & extra_css (Timothy Bautista)
    • πŸ›  Fix: Layout issue when using FieldRowPanel with a heading (Andreas Bernacca)
    • Fix: file_size and file_hash not updated when Document file changed (Andreas Bernacca)
    • πŸ›  Fix: Fixed order of URLs in project template so that static / media URLs are not blocked (Nick Smith)
    • Fix: Added verbose_name_plural for form submission model (Janneke Janssen)
    • πŸ›  Fix: Prevent update_index failures and incorrect front-end rendering on blank TableBlock (Carlo Ascani)
    • πŸ›  Fix: Dropdown initialisation on the search page after AJAX call (Eric Sherman)
    • πŸ›  Fix: Make sure all modal chooser search results correspond to the latest search by canceling previous requests (Esper Kuijs)
  • v2.7.4 Changes

    July 20, 2020
    • CVE-2020-15118 - prevent HTML injection through form field help text (Timothy Bautista, Matt Westcott)
    • Expand Pillow dependency range to include 7.x (Harris Lapiroff, Matt Westcott)